From e3673117b7d34cd70bb9fab1e654d14724ae0dbe Mon Sep 17 00:00:00 2001
From: Sergey Linev <S.Linev@gsi.de>
Date: Wed, 11 Apr 2018 14:12:40 +0200
Subject: [PATCH] webgui: let configure https for the TWebWindow
One should be aware that certificate should be provided as well
---
config/rootrc.in | 5 ++++
gui/webdisplay/src/TWebWindowsManager.cxx | 35 +++++++++++++++++------
2 files changed, 31 insertions(+), 9 deletions(-)
diff --git a/config/rootrc.in b/config/rootrc.in
index 40bd1fefc35..d6b505bab0e 100644
--- a/config/rootrc.in
+++ b/config/rootrc.in
@@ -260,8 +260,13 @@ WebGui.HttpPort: 0
# range for allowed http ports, selected randomly
WebGui.HttpPortMin: 8800
WebGui.HttpPortMax: 9800
+# Exact IP iddress to bind bind http server (default - empty)
+WebGui.HttpBind:
# Use only loopback address to bind http server (default - no)
WebGui.HttpLoopback: no
+# Use https protocol for the http server (default - no)
+WebGui.HttpSsl: no
+WebGui.HttpSslCert: rootserver.pem
# OpenGL options (defaults are shown)
# Default user interaction model for 3D view manipulation assumes that user
diff --git a/gui/webdisplay/src/TWebWindowsManager.cxx b/gui/webdisplay/src/TWebWindowsManager.cxx
index e9f7ac92a40..96ef33e3649 100644
--- a/gui/webdisplay/src/TWebWindowsManager.cxx
+++ b/gui/webdisplay/src/TWebWindowsManager.cxx
@@ -92,21 +92,24 @@ bool ROOT::Experimental::TWebWindowsManager::CreateHttpServer(bool with_http)
if (!fServer)
fServer = std::make_unique<THttpServer>("basic_sniffer");
- if (!with_http || (fAddr.length() > 0))
+ if (!with_http || !fAddr.empty())
return true;
- // gServer = new THttpServer("http:8080?loopback&websocket_timeout=10000");
-
int http_port = gEnv->GetValue("WebGui.HttpPort", 0);
int http_min = gEnv->GetValue("WebGui.HttpPortMin", 8800);
int http_max = gEnv->GetValue("WebGui.HttpPortMax", 9800);
+ int http_wstmout = gEnv->GetValue("WebGui.HttpWStmout", 10000);
const char *http_loopback = gEnv->GetValue("WebGui.HttpLoopback", "no");
+ const char *http_bind = gEnv->GetValue("WebGui.HttpBind", "");
+ const char *http_ssl = gEnv->GetValue("WebGui.HttpSsl", "no");
+ const char *ssl_cert = gEnv->GetValue("WebGui.HttpSslCert", "rootserver.pem");
- bool assign_loopback = http_loopback && (strstr(http_loopback, "yes") != 0);
+ bool assign_loopback = http_loopback && strstr(http_loopback, "yes");
+ bool use_secure = http_ssl && strstr(http_ssl, "yes");
int ntry = 100;
if (http_port < 0) {
- R__ERROR_HERE("WebDisplay") << "Not allow to create real HTTP server, check WebGui.HttpPort variable";
+ R__ERROR_HERE("WebDisplay") << "Not allowed to create real HTTP server, check WebGui.HttpPort variable";
return false;
}
@@ -126,13 +129,27 @@ bool ROOT::Experimental::TWebWindowsManager::CreateHttpServer(bool with_http)
http_port = (int)(http_min + (http_max - http_min) * gRandom->Rndm(1));
}
- TString engine;
- engine.Form("http:%d?websocket_timeout=10000", http_port);
- if (assign_loopback)
+ TString engine, url(use_secure ? "https://" : "http://");
+ engine.Form("%s:%d?websocket_timeout=%d", (use_secure ? "https" : "http"), http_port, http_wstmout);
+ if (assign_loopback) {
engine.Append("&loopback");
+ url.Append("localhost");
+ } else if (http_bind && (strlen(http_bind) > 0)) {
+ engine.Append("&bind=");
+ engine.Append(http_bind);
+ url.Append(http_bind);
+ } else {
+ url.Append("localhost");
+ }
+
+ if (use_secure) {
+ engine.Append("&ssl_cert=");
+ engine.Append(ssl_cert);
+ }
if (fServer->CreateEngine(engine)) {
- fAddr = "http://localhost:";
+ fAddr = url.Data();
+ fAddr.append(":");
fAddr.append(std::to_string(http_port));
return true;
}
--
GitLab